logo
Adding Basic Authentication in Caddy

Adding Basic Authentication in Caddy

Dec 23, 2025

Adding Basic Authentication in Caddy

Caddy makes it very easy to protect routes or entire domains using HTTP Basic Authentication, without any extra modules or plugins.

This is useful for:

  • Internal tools

  • Admin panels

  • Staging environments

  • Temporary access control

Basic Auth for an Entire Domain

Example: Protect the whole site with a username and password.

example.com {
    basicauth {
        admin JDJhJDEyJHJpV1pGd1E2cXhVb1JwQzZrR1VvL1E3eU1aZUVyWnZtM1d2MGJZbC9mU2Zs
    }

    reverse_proxy localhost:3000
}

  • admin → username

  • The long string → bcrypt-hashed password

  • Caddy does not allow plain-text passwords (for security)

Generate a Password Hash

Use Caddy’s built-in command:

caddy hash-password

Enter your password, and Caddy will output a bcrypt hash. Use that hash in the basicauth block.

Protect Only a Specific Path

Example: Protect /admin but keep the rest of the site public.

example.com {

    handle_path /admin/* {
        basicauth {
            admin <HASHED_PASSWORD>
        }
        reverse_proxy localhost:3000
    }

    handle {
        reverse_proxy localhost:3000
    }
}

This is useful for dashboards or admin routes inside a Node.js app.

Best Security Practices in Caddy

23 Dec 2025

Best Security Practices in Caddy

Read more aboutBest Security Practices in Caddy
IP Allow / Deny Rules in Caddy

23 Dec 2025

IP Allow / Deny Rules in Caddy

Read more aboutIP Allow / Deny Rules in Caddy
Adding Rate Limiting in Caddy

23 Dec 2025

Adding Rate Limiting in Caddy

Read more aboutAdding Rate Limiting in Caddy
Explore More Blogs